D-Link DIR-655 Firmware 1.21 Hijacks Your Internet Connection 428
chronopunk writes "Normally when you think of firmware updates for a router you would expect security updates and bug fixes. Would you ever expect the company that makes the product to try and sell you a subscription for security software using its firmware as a salesperson? I recently ran into this myself when trying to troubleshoot my router. I noticed when trying to go to Google that my router was hijacking DNS and sent me to a website trying to sell me a software subscription. After upgrading your D-link DIR-655 router to the latest firmware you'll see that D-link does this, and calls the hijacking a 'feature.'"
Why... (Score:3, Insightful)
Is this even legal? This is my device; if it does something I don't like, and can't disable it, that seems like an attack on my rights; to do it to sell ads... that's just low, D-Link!
Re:Why... (Score:5, Informative)
That's the end of D-Link. (Score:5, Insightful)
Why are marketing people allowed to destroy companies? Then they go to a new company and do it again.
Re:That's the end of D-Link. (Score:5, Interesting)
It's been a long time since I bought from DLink anyway. Their products are expensive, inconsistent, unreliable and plain ugly. I hate how they always use non standard names for things like port forwarding, making it hard to talk people through it over the phone.
This is a new low for DLink, and is further vindication of my strict no-DLink policy.
Re:That's the end of D-Link. (Score:4, Informative)
I've actually dealt with a D-Link USB WiFi adapter that the USB connector wasn't soldered to the board.
It's a wonder the thing even worked at first without giving the user a problem. (Five minutes later, after the user complained, it was working fine... but it didn't work for long.)
Re:That's the end of D-Link. (Score:5, Interesting)
There's also a difference between bad engineering and bad assembly.
The US automakers have learned this one the hard way - some of their cars have amazing engineering. But, all that engineering was let down by poor assembly quality (of both the component parts and of the car itself.)
Re: (Score:3, Informative)
Funny, Belkin still seems to be around.
Re: (Score:3, Insightful)
You have to manually upgrade the firmware and going back to plan old 1.20 is exactly the same process.
Which raises the question, if you didn't know it was going to do this (because lets face it, who would honestly expect this to have happened before now?), and instead of hijacking google.com, it hijacks the D-Link page where you could download the previous version that you just overwritten, with a link to "pay us money and you can download a fixed version 1.21", what then?
Re:Why... (Score:5, Informative)
Still pretty hinky, though.
Re:Why... (Score:5, Interesting)
What's annoying with things like this (and others) is that it just gets in the way and obstructs your work.
I choose things based on their lack of snarkiness. I don't want a Windows PC full of crapware. I'd rather just pay the manufacturer a few extra bucks to cover the loss of crapware kickbacks. I used to run an AV, but occassionally, it would bring up a message telling me I wasn't fully protected because I wasn't running their antispam (despite running Thunderbird). When my renewal came up, I chose another company, and I told them that this was one of the reasons.
Re:Why... (Score:5, Funny)
whether or not we CAN disable it is moot - there's law regarding redirects without permission. I just can't find the damned thing, but I know it's there having read it here on slashdot.
Re:Why... (Score:5, Insightful)
If you RTFA, you'll see that you CAN disable it.
What are we becoming? Now every sleazy behaviour is ok as long as you can opt-out? That hasn't worked for spam for the past 20 years, has everyone suddenly got a learning disorder?
The default behaviour of absolutely everything that's not a requested feature has to be opt-in.
Opt-out is not good enough. I thought we'd learnt that by now.
Re:Why... (Score:4, Informative)
What are we becoming? Now every sleazy behaviour is ok as long as you can opt-out? That hasn't worked for spam for the past 20 years, has everyone suddenly got a learning disorder?
Just to point out, if you RTFP (post) mattytee doesn't say it's ok, he says it's "hinky." Which might NOT mean okay. I admit, I don't know what it ACTUALLY means, so it might mean "good." I don't think I'd enjoy being called "hinky" so it doesn't sound like he's saying "You can opt out, so it's cool."
Re:Why... (Score:5, Funny)
Just to point out, if you RTFP (post) mattytee doesn't say it's ok, he says it's "hinky." Which might NOT mean okay. I admit, I don't know what it ACTUALLY means, so it might mean "good."
It could be a typo for "kinky." Which, I can only imagine, would be included in the comprehensive list of fetishes [xkcd.com].
Re:Why... (Score:4, Informative)
hinky: 1) Something as yet undefinable is wrong, out of place; not quite right; 2) "I've a bad feeling about that": something out of whack, wrong, off-kilter; 3) a state of being vaguely suspicious.
source: http://www.urbandictionary.com/define.php?term=hinky [urbandictionary.com]
this definition fits my previous (vague, contextual) knowledge of the term. some uses color towards sleazy, some towards kludgy; but they all have the general sense of something suspicious in some way.
Re:Why... (Score:5, Interesting)
Re:Why... (Score:4, Insightful)
You don't get it. If doing such a thing were legal, lots of people WOULD buy from these people. Yes, it sounds insane, but remember, spammers and telemarketers make lots of money, even though most of us think it's idiotic to buy from such sellers. Of course, in reality, there probably wouldn't be enough people buying from the sellers blocking their way on the road to pay for their operating costs (this is why spam and telemarketing work so well, because the cost per potential customer is so low), but I guarantee a non-zero number of people would buy.
Re:Likely actionable sabotage. (Score:4, Insightful)
Regardless of whether or not you can disable it, unless it was an *advertised* feature -- if it redirected you to a fake, substitute website that was other than the website you _thought_ you were going to, isn't that evidence of an unauthorized invasion and hack of the device to introduce a 3rd-party, fraudulent, redirection mechanism that can potentially be used not only by D-Link, but also by a cracker attempting a phishing exploit?
In the US, the unauthorized addition of redirection software to a hardware device (which itself would probably qualify as a small computer), with the right lawyer or prosecutor, could result in jail time for the perp, or, if it's a corporation, probably a bonus for the project manger. ;^/
Re:Why... (Score:5, Interesting)
The only solution is to burn the place down or kill a few key people, then let them all know why. But no one is going to throw their life away on a bad router purchase.
Re:Why... (Score:5, Funny)
If only revolution was not such an outdated ideal.
Re: (Score:3, Funny)
If only revolution was not such an outdated ideal.
Sixty revolutions per minute this is my regular speed, Gogol Bordello [youtube.com] or something.
Re:Why... (Score:5, Funny)
Damn, and I thought D-Link was one of the better companies to buy a router from.
Re:Why... (Score:5, Insightful)
Hell NO. They're absolute garbage! I've seen more fried D-Link routers than every other brand combined. I'd sooner buy any other no-name brand for *more* money. Plus, they've been doing "evil" stuff like that for ages -- not long ago they were hammering a tier-1 NTP server with their firmware (and the poor guy was footing the bill for them on his own). Their garbage is best avoided.
You want a good router? Get a Linksys WRT54GL (that is NOT the G or GS). Then put tomato on it or DD-WRT (they're Linux distros). Then setup opendns and all that in it too. Best router you can get under $500 perhaps (short of a specialized/fancy cisco router that runs IOS and is easy to mis-configure, an expensive specialized routerboard, or power-hungry computer with moving parts...)
Re:Why... (Score:4, Interesting)
Re:Why... (Score:4, Interesting)
I think the Zyxel Zywall 2+ is the best sub $500 router you can get. It only cost me about $175.
Since I started buying Zyxel, I only buy Zyxel. Feature set is without compare.
Re: (Score:3, Informative)
Re: (Score:3, Informative)
BitTorrent is usually the culprit for random router slugginess. Here's the instructions for solving it in DD-WRT by increasing the max connections. [dd-wrt.com]
Re: (Score:3, Informative)
Re:Why... (Score:5, Funny)
The only solution is to burn the place down or kill a few key people, then let them all know why. But no one is going to throw their life away on a bad router purchase.
that's the problem with the youth today, no commitment to principles.
Re:Why... (Score:5, Funny)
I was out there with torches and pitchforks but these two old farts complained that I was making too much noise and had me removed.
Re:Why... (Score:4, Interesting)
Re:Why... (Score:4, Funny)
If you RTFA it is something you can disable
Since when do we need to RTFM for consumer products like a WLAN router? It's not something complicated like a microwave oven where you need warning labels telling you not to dry your pet in it...
Re: (Score:3, Funny)
Oh shit, I didn't read those warnings.... FLUFFY!!! NOOOOOOOOOOoooooooo.....
Re: (Score:3, Funny)
Oh shit, I didn't read those warnings.... FLUFFY!!! NOOOOOOOOOOoooooooo.....
There's no need to blame yourself. I've come to help you avenge your cat. [poetv.com]
Re:Why... (Score:4, Interesting)
I think it's quite arguable that it's "hardly illegal". You could say that they're fraudulently claiming that the object they're selling is a "router" when in fact it's an "advertising machine". Or you could say that by hijacking the DNS for google, they are fraudulently making it appear that google is endorsing their software.
Of course, the real solution is to never buy a d-link product. Haven't there been enough issues with them reported here over the years to scare away a responsible technician?
Re: (Score:3, Interesting)
Actually, could it be considered fraudulent? They intentionally did something that made the product somewhat not fit for use, because in certain cases it's actually not a correct router.
Alternatively, Google might have a trademark claim or unfair competition claim against D-Link, because of the surreptitious redirect.
Re:Why... (Score:5, Insightful)
Wow. Recent Netgear switches I've bought were doing the whole 70% packet loss thing (of the five white Netgear hubs I've dealt with, three have been completely worthless; haven't tried the blue metal ones lately), and now DLink moves right along with them onto my do-not-buy list. Linksys (won't work reliably with upstream switches) and Belkin (Wi-Fi routers crash constantly when passing wireless traffic) are both so buggy (to the point of being unusable) that they've been on my do-not-buy list for years. I've just about run out of networking hardware manufacturers....
Why can't just ONE SINGLE networking product company make a pledge to stop cutting corners on quality and looking for ways to make a quick buck off their users and just deliver decent hardware!?!?!?!?!?! Don't ANY of these companies' management chains have the SLIGHTEST bit of fiscal common sense?
Sheesh!
Re:Why... (Score:4, Insightful)
Re: (Score:3, Insightful)
I dunno. Why do most consumers run back to a company that cheated them like a battered woman to her abuser?
Re:Why... (Score:5, Funny)
"I dunno. Why do most consumers run back to a company that cheated them like a battered woman to her abuser?"
Because the sex is terrific, and they really WANT to change!
Re:Why... (Score:5, Interesting)
I never said I was boycotting them in perpetuity. That said, these aren't isolated problems. Three out of five Netgear switches died, three out of three Netgear FA101/FA102 cards died within a couple of years, etc. It takes three bad experiences with a company's product to earn do-not-buy status unless one of those bad experiences is really serious (the Belkin USB-serial adapter that was shorted from the factory and nearly killed my computer, for example).
At least in this DLink case, it's just a political do-not-buy, which might go away if/when they clean up their act. Their gear seems to be electrically mostly solid. That's why this bugs me so much. They were the only one that I hadn't had a long string of horrible hardware faults from. :-)
Linksys + alternative firmware (Score:5, Informative)
Linksys isn't so bad if you replace the firmware. Try dd-wrt [dd-wrt.com] if you want quick and easy, or OpenWRT [openwrt.org] if you want to customize. I guarantee you'll like 'em. (Get a WRT-54GL to try it on; they're cheap nowadays.)
Re:Linksys + alternative firmware (Score:5, Interesting)
Isn't it nice when things just work?
Re: (Score:3, Interesting)
As another has mentioned, downloaders beware of the Linksys WRT54G(L). It crumples and dies with nearly any bittorrent connections.
I had this happen with default firmware and DD-WRT. I've recently switched to a DIY solution running m0n0wall. All gigabit and the difference is clear. However, in total I spent nearly $400.
Re: (Score:3, Informative)
http://www.dd-wrt.com/wiki/index.php/Installation [dd-wrt.com]
Some of the WRT300N and WRT600N models are usable.
Re:Why... (Score:4, Informative)
There are routers that run open source firmware. An example of a company that uses open source firmware is Canyon. I've had one for a couple of years now. I got the first hardware revision, so I haven't been able to upgrade my firmware to the latest, but my model is still manufactured, albeit in a later hardware revision and the firmware is open source. Works like a charm.
Re:Why... (Score:4, Insightful)
Well, most of these companies take a reference design from the networking chipset manufacturer (Atheros, Marvell, Ralink, etc.), put new plastic around it, and rebrand the drivers. High volume, low margins: not much effort put into support.
Re:Then stop using their crap firmware. (Score:4, Informative)
Thirded. I just completed a project that cost about $8k dollars by rolling a customized OpenWRT/DD-WRT setup that includes 802.1q VLANs (no wonky iptables junk to seperate networks), 802.1x with authentication against ActiveDirectory, public and private SSIDs available from a single access point, the list goes on.
OpenWRT is enterprise wireless firmware for free that runs on home consumer priced hardware, making it enterprise quality hardware. (Although lacking POE)
My company was going to spend about $75k on a comparable solution from Aruba and I was able to squeeze out every single feature they offer from OpenWRT. So instead of $75k, we're spending $4,500 for the same feature set. Not bad.
So, while D-Link's own firmware is goofy, if you just buy their box and wipe it it you'll be saving yourself money in the long run.
Re:Why... (Score:5, Insightful)
From The FA (Score:3, Informative)
>You can disable this feature by logging into the router and clicking the Advanced Tab and Secure Spot on the left side.
>D-Link Customer Service
Unethical to enable it by default and not tell the customer about it *until* it hijacks the connection (if you ask me) but easily disabled apparently.
Re: (Score:3, Insightful)
Who cares particularly if it is legal or not. What you SHOULD be worrying about is how easy would it be for such a company to take a handsome bribe to allow others to hijack your connection via their firmware/router?
Vyatta anyone? http://www.vyatta.com/ [vyatta.com]
I think it's about time for some serious F/OSS hardware and firmware to replace what was once thought safe and sound from hacking and such.
Well.... (Score:5, Funny)
Please click here to renew subscription!
Huh? (Score:4, Informative)
I've been using rev1.21 for a few weeks now and I haven't seen this behavior at all.
Wednesday, November 05, 2008 5:51:22 PM
Firmware Version : 1.21, 2008/09/11
*shrug*
Re:Huh? (Score:5, Funny)
Is there any kind of agreement? (Score:4, Informative)
Before installing the new firmware, are you asked if this is Okay? If not, do they make it clear how it can be disabled?
I am now reluctant to upgrade my DLink firmware. Is it's easy and clear that one can opt out.
Thank you! (Score:4, Insightful)
Thank you so much for the warning! I'll stay on 1.20 then and my next router certainly won't be a D-link.
Re:Thank you! (Score:5, Informative)
Replying to myself to add some info. Firmware v1.20 doesn't have the "Advanced -> Secure Spot" page they mention so it really seems to be be new in v1.21. The 1.20 firmware can still be downloaded from here [dlink.com.tw].
Ran across this just the other day... (Score:4, Insightful)
I helped my father-in-law purchase a wireless router for his home and set it up for him recently. I was rather surprised when I updated the firmware and was then greeted by spam upon opening a web browser. I have to say that I'm really disappointed by d-link on this one. Here's to hoping that the backlash is enough to make them reconsider doing this type of stuff again.
Generally speaking, I'm a fan of their networking equipment (own a dgl-4300 that I'm very happy with myself), but if this is the direction that they are going in, I won't be buying or recommending their stuff anymore. I plan on e-mailing them and telling them I am unhappy with their practices.
Cheers! (Score:4, Funny)
Won't be buying any more Dell hardware for a while!
Without SecureSpot 2.0 (Score:5, Informative)
Belkin has done this before (Score:5, Informative)
Back in 2003 Belkin introduced a router that periodically redirected HTTP connections to advertise its own software:
Help! my Belkin router is spamming me [theregister.co.uk]
Some commentary:
Ease-of-use or marketing-driven sabotage: Does your hardware's software do only what you expect of it? [ibm.com]
Just like Belkin back in 2003 (Score:5, Informative)
Here's [theregister.co.uk] an old article about Belkin doing a very similar thing:
Belkin, the consumer networking and connectivity firm, has promised customers a firmware upgrade to disable a controversial 'spamming' feature built into its routers.
As first reported on The Reg last week, the feature hijacks random HTTP requests every eight hours and redirects users to a page advertising Belkin's parental control software. There is an opt-out link but that failed to appease Net users who accused Belkin of creating a new mechanism for spam.
D-Link (Score:4, Insightful)
I've owned several D-Link routers, either through no fault of my own or pressed for time and had to buy it. In all of the years I've had to deal with them, I've learned this:
D-Link is Shit. Buy Linksys.
Re: (Score:3, Informative)
> D-Link is Shit. Buy Linksys.
> > Linksys is even worse shit.
Buy the router/AP that has the features you want AND is supported by Tomato, DD-WRT, et al, and don't look back.
Re:D-Link (Score:4, Informative)
Better firmware is only part of the problem.
As a member of Melbourne Wireless [wireless.org.au] where we have lots of cheap wireless routers, I can say the best consistent brand of low end routers is ASUS. I expect they are the OEM for many of the early versions of other routers as well based on looking at the insides.
Re:D-Link (Score:5, Insightful)
Consumer-grade shit is consumer-grade shit in every industry. But I think we can have some expectation that when we buy a router, even a cheap shitty one, that it makes a best effort to send the data we ask and not its own marketing message. To use a bad car analogy, I don't expect my car to corner like a race car, to tow a 16-wheel trailer, to be as comfortable as a Benz. But I do expect that it steers where I turn the wheel, and not to the nearest mall.
Lots of consumer-grade shit is ad-supported; we get cheaper shit in exchange for being coerced into buying more cheap shit. Maybe if a company is going to introduce an ad-supported business model to a class of products where it's generally unexpected they should be required to label it prominently.
More reasons never to go consumer again (Score:5, Interesting)
After massive amounts of pain with consumer/prosumer-grade (many of the D-Link) routers in the past two years, I finally dropped real money for a real broadband router earlier this year. So far, I've had months and months of trouble-free service.
Now I start hearing crap like this. Makes me even MORE thankful I bit the bullet.
Also "you can turn it off!" apologists? WHY IT IS ON BY DEFAULT? Moreover, tell that to some luddite who barely understands how to boot his computer.
Re: (Score:3, Insightful)
Re: (Score:3, Interesting)
A second WAN interface.
Gigabit backplane.
A VPN solution that gives you more than a single-megabit connection speed.
So much for D-Link (Score:5, Insightful)
Even if there's an option to disable this, the fact that it seems to be enabled by default is enough for me. D-Link from this point on will never be on my list of vendors when looking for networking gear.
Idiots... (Score:5, Insightful)
Apparently they didn't learn from the shitstorm that hit belkin when they did the exact same thing years ago.
Another vendor goes down the tubes...
RISKS: Hardware-borne Trojan Horse programs (Score:4, Informative)
Ah, I found one. The Risks Digest, Volume 16: Issue 55, Weds 9 November 1994 [ncl.ac.uk]. The relevant section is reprinted below for preservation's sake, edited only for spelling ("entirity"), converting asterisk-marked text to strong text, formatting, block quoting, and adding links.
Re: (Score:3, Insightful)
Simple solution... (Score:5, Informative)
Only buy home routers that can run opensource firmwares. I'm quite happy with my WRT54GL, although the hardware is a bit antiquated at this point.
Re: (Score:3, Interesting)
My WRT54GL is likewise running just fine. It has OpenWRT which has has no hijacking feature that I'm aware of.
I'm curious, though, how is the hardware on these antiquated? They really just route ethernet and wifi packets and that's it. Some people are making robots out of them. The last benchmarks that I saw had these things slinging 30Mbits/sec and I know everyone's broadband speed hasn't quadrupled since the WRT came out.
Re: (Score:3, Informative)
I bought a WRT54GL just a few months ago, and installed DD-WRT on it. It's OK, although DD-WRT has some issues. Nothing worth singing about. The hardware is only "antiquated" in that it has twice the RAM and Flash storage as newer, cheaper devices.
And I totally agree about only buying routers that can run opensource firmwares.
Google Should Sue (Score:5, Interesting)
Google should sue because they have lots of high-priced lawyers and can really make DLink regret this.
Ugh. Why? (Score:3, Insightful)
So let's see, Linksys makes generic crap. I'm not completely impressed with my NETGEAR device so I don't think they're that great either. Don't even get me started on how bad Belkin's stuff was. D-Link sounded good, but now this?
NOW what do we go with?
I do agree it's not a HUGE issue since it's able to be disabled, but it's still not good that it's an opt in thing. I'd be buying a piece of hardware to connect to the Internet. NOT a subscription service. It may be good for those not comfortable with computers, but still, not so comfortable with those that DO understand them.
it's not illegal... (Score:3, Informative)
Absolutely, positively INFAMOUS (Score:5, Insightful)
Router Setup Page downloads Securespot version (Score:5, Informative)
DIR-655 (Score:3, Interesting)
Phonehome goodness (Score:4, Informative)
Link to download it without securespot (Score:4, Informative)
I have this router and it's worked really well - has been very stable and has a whole lot of really nice features - I do a lot of remote stuff both ways too and from work - not to mentioned bittorrent and binaries, webcams. Never have a problem, never have to reboot it.
Additionally the router has a feature that can email you when a new update comes out, the download page had a link for 1.21 with securespot and 1.21 without - I checked out what it was and decided against it. As others have mentioned. Below is the link I used:
ftp://ftp.dlink.com/Gateway/dir655/Firmware/dir655_firmware_121_no_securespot.zip [dlink.com]
I agree with how most people feel, that they need to be a little more upfront - a lot of the people here aren't going to want that feature - however, there are some people who may - among other things I think it has parental controls, it's like websense for the home user.
When you're updating the firmware on any device and not paying attention to the changes and what they actually do you're going to end up getting fucked, - especially when it comes to consumer home devices like these.
Using FLOSS, without the decency to acknowledge it (Score:5, Interesting)
add_record (shitlist, "DLink"); (Score:3, Informative)
Now I get to add DLink to the same list. Unless and until DLink issues a public apology and shows contrition for this, there they shall stay, alongside Belkin.
Schwab
Re:Slashdot Editors, Do Some Editing (Score:5, Informative)
Plus, upgrading your firmware "just because". Why?
Because router firmware upgrades often mean closing security holes.
Re:Slashdot Editors, Do Some Editing (Score:5, Insightful)
Plus, upgrading your firmware "just because". Why?
Because router firmware upgrades often mean closing security holes.
While one might think this at first, there's no evidence that this is the case for this incident. It's just as likely, without a firmware being released with specific notes about "holes" that it "plugged", that the update created more bugs.
In this case, it was "I felt like upgrading the firmware". The downfalls: User obviously didn't know how the feature set changed (because didn't do research before upgrading the firmware, just saw that one number was larger than the other) and there's always the possibility of bricking your router that is already working just peachy.
So, no, I don't accept your reasoning, even though it seems "sensible" at the start.
Re:Slashdot Editors, Do Some Editing (Score:5, Insightful)
We live in a world where we have to automatically upgrade adobe PDF, java, windows, iTunes, firewalls, antiviruses, antispam, smartphones, wmv codecs, xvid codecs, divx codecs, everything HP ever produced, video game consoles, etc. Of course people automatically update their routers: it's what we've been conditioned to do.
Re:Slashdot Editors, Do Some Editing (Score:4, Informative)
The non securespot version has been there since the firmware was released. Its simply a case of the submitter not reading and comprehending. Either way, it asks you if you want to try it twice, and then leaves you alone.
Re:Slashdot Editors, Do Some Editing (Score:5, Insightful)
The non securespot version has been there since the firmware was released.
"without SecureSpot" certainly doesn't sound like "without spam". It much more sounds like that version is lacking a security feature, don't you think?
Either way, it asks you if you want to try it twice, and then leaves you alone.
So? It shouldn't even "ask" once. Remember that "ask" in this case means intercepting and manipulating traffic. I'm not familiar with applicable US law, but in the UK and Germany, where I know the law a little, this "feature" runs afoul of criminal laws.
Besides, what kind of attitude is that? It's ok to feel up your wife if I stop after being told twice not to?
Re:Slashdot Editors, Do Some Editing (Score:5, Insightful)
there's a separate link at their firmware download page for the DIR-655 that says (in plain view, in a sensible spot): Click here for Firmware 1.21 WITHOUT SecureSpot 2.0
Well, I highly doubt that most customers know what "SecureSpot" is. So how are they supposed to know to download the non-annoying firmware update? Of course, you may say that this is the customer's problem: they should read up on all the features that are being installed in the firmware update, and be sure that this is really what they want, etc.
And, yes, in principle everyone should read every line of each and every EULA.
The fact is that any reasonable person would expect a firmware update to only fix bugs and security flaws. It would not be normal to expect entirely new features to be installed, and it is certainly abnormal for the new "feature" to actually include nagware that prompts you to pay for some new service.
The point here is that what they are doing is sleazy. The default configuration should have that redirect turned off. The link for a "without SecureSpot" firmware is nice, but the fact is that 99.9% of users will only notice that after they have already installed, and been annoyed by, the default update.
It's an annoying thing to do with a firmware update. And in that sense, it's a reason to not do business with them.
Re: (Score:3, Informative)
Oh, it wouldn't, eh?
iPhone users, you hear that? You should be pissed at Apple for adding new features to your phone. How dare they try to make you experience better. Same for you Tivo users, and early adopters everywhere. Tell the companies: I bought your product when it sucked, and I LIKE it that way. STOP TRYING TO MAKE MY EXPERIENCE BETTER!
I'm sorry, but you're an idiot. Firmware upgrades frequently add new features, and if those feat
Re:Slashdot Editors, Do Some Editing (Score:4, Funny)
Brilliant strategy... A company pisses you off, so you boycott their competitor. That'll teach 'em!
Re: (Score:3, Insightful)
If it was that easy to resolve why even bother taking the time to post about it? It seems like it took longer to complain than it did to fix it.
Re:Slashdot Editors, Do Some Editing (Score:4, Funny)
Re:Slashdot Editors, Do Some Editing (Score:5, Insightful)
From the goddamn article:
So, you can turn it off. Not only that, but as of 9/30 there's a separate link at their firmware download page for the DIR-655 [dlink.com] that says (in plain view, in a sensible spot): Click here for Firmware 1.21 WITHOUT SecureSpot 2.0
Plus, upgrading your firmware "just because". Why?
Double flame to you buddy.
1) I wouldn't call "WITHOUT SecureSpot 2.0" in plain view. It's not like SecureSpot means anything to me. It has the name Secure so it sounds like something I would want. Now if they named it KickInTheBalls 2.0 or maybe SlapInTheFace 3.2 I would know to avoid it. SecureSpot means nothing to me.
2) Upgrading firmware on a firewall/router why? Are you kidding me? You're going to be-little people who pro-actively secure their main entry point to the outside world. From now on you should lose your Slashdot posting privs.
Re:Slashdot Editors, Do Some Editing (Score:4, Insightful)
So your message is "it's just a small pile of shit, swallow it already?"
No, sir!
It's still abuse if it's a small abuse. There's no such thing as "a little pregnant" or "a little dead". Abuse is abuse is abuse.
Why is this abuse? Because you will be very hard pressed to find a single customer who bought the product, expecting such a feature or, had you asked him, approving it.
If I give you a contract to paint my living room, that does not include the permission to record a porn movie while you're at it. And if I buy a router to handle my traffic, I don't give it permission to reroute me to advertisement.
Re:It's about as legal... (Score:4, Funny)
Personally I'd be very happy if I got two oranges rather than just one!
Poster should not have posted (Score:5, Insightful)
If I buy a router, I wanted the router. I would not buy a router if I wanted a security stack; I would buy security software.